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What is claimed is: 

1 1. A method for detecting unauthorized hardware 

2 devices in a local area network, comprising steps of: 

3 scanning ports of a plurality of hardware devices to 

4 retrieve MAC addresses thereof; 

5 filtering an uplink port on each of the hardware 

6 devices to acquire a first MAC address list; 

7 calculating the number of MAC addresses of the 

8 filtered ports to acquire a second MAC address 

9 list; and 

10 subtracting the number of ports with more than two 

11 MAC addresses on the first MAC address list 

12 from the number of ports with more than two MAC 

13 addresses on the second MAC address list, 

14 thereby obtaining at least one unauthorized MAC 

15 address. 

1 2. The method as claimed in claim 1, further 

2 comprising steps of: 

3 comparing the MAC addresses of the unauthorized 

4 hardware devices with MAC addresses in a 

5 routing entry table to obtain Internet Protocol 

6 (IP) addresses of the unauthorized hardware 

7 devices; and 

8 acquiring user information for the unauthorized 

9 hardware devices by SNMP or WINS services in 

10 accordance with the IP address of the 

11 unauthorized hardware devices. 
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1 3. The method as claimed in claim 1, wherein in 

2 the scanning step, the ports of the authorized hardware 

3 devices are recursively scanned by one of the authorized 

4 network devices . 

1 4. The method as claimed in claim 1, wherein in 

2 the scanning step, the MAC addresses of authorized 

3 hardware devices are stored in a database. 

1 5. The method as claimed in claim 1, wherein in 

2 the scanning step, the ports of authorized network 

3 devices are scanned by simple network management 

4 protocol . 

1 6. The method as claimed in claim 1, wherein a 

2 simple network management protocol is used in the 

3 calculating step. 

1 7. A system for detecting unauthorized hardware 

2 devices in a local area network, comprising: 

3 a device detection unit for scanning a plurality of 

4 ports of a plurality of hardware devices to 

5 retrieve MAC addresses thereof, filtering an 

6 uplink port of each hardware device to acquire 

7 a first MAC address list, and calculating the 

8 number of MAC addresses of the ports of the 

9 network devices to acquire a second MAC address 

10 list; and 

11 a device processing unit, coupled with the device 

12 detection unit, for subtracting the number of 

13 ports with more than two MAC addresses on the 
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14 first MAC address list from the number of ports 

15 with more than two MAC addresses on the second 

16 MAC address list, thereby obtaining at least 

17 one unauthorized MAC address. 

1 8. The system as claimed in claim 7, wherein the 

2 device processing unit compares the MAC addresses of the 

3 unauthorized hardware devices with MAC addresses in a 

4 routing entry table to obtain Internet Protocol (IP) 

5 addresses of unauthorized hardware devices, and acquire 

6 user information of the unauthorized hardware devices by 

7 SNMP or WINS services. 

1 9. The system as claimed in claim 7, wherein the 

2 device detection unit recursively scans the ports of the 

3 hardware devices . 

1 10. The system as claimed in claim 7, wherein the 

2 device detection unit stores the MAC addresses of the 

3 hardware devices in a database. 

1 11. The system as claimed in claim 7, wherein the 

2 device detection unit scans the ports of the network 

3 devices by simple network management protocol . 

1 12 . A storage medium containing a stored computer 

2 program providing a method for detecting unauthorized 

3 hardware devices, comprising using a computer to perform 

4 the steps of : 

5 scanning a plurality of ports of a plurality of 

6 hardware devices to retrieve MAC addresses 

7 thereof ; 
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8 filtering an uplink port of each hardware device to 

9 acquire a first MAC address list; 

10 calculating the number of MAC addresses of the ports 

11 of the network devices to acquire a second MAC 

12 address list; and 

13 subtracting the number of ports with more than two 

14 MAC addresses on the first MAC address list 

15 from the number of ports with more than two MAC 

16 addresses on the second MAC address list, 

17 thereby obtaining at least one unauthorized MAC 

18 address. 

1 13 . The storage medium as claimed in claim 12 , 

2 further comprising steps of: 

3 comparing the MAC addresses of the unauthorized 

4 hardware devices with MAC addresses in a 

5 routing entry table to obtain Internet Protocol 

6 (IP) addresses of unauthorized hardware 

7 devices; and 

8 acquiring user information of the unauthorized 

9 hardware devices by SNMP or WINS services in 

10 accordance with the IP address of the 

11 unauthorized hardware devices. 

1 14 . The storage medium as claimed in claim 12 , 

2 wherein the ports of the hardware devices are recursively 

3 scanned by one of the authorized network devices. 

1 15. The storage medium as claimed in claim 12, 

2 wherein the MAC addresses of the hardware devices are 

3 stored in a database. 
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1 16. The Storage medium as claimed in claim 12, 

2 wherein the ports of the network devices are scanned by 

3 simple network management protocol. 
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